Java 25 introduces a standardized Key Derivation Function (KDF) API under JEP 478, providing a clean, JCA-integrated interface for deriving cryptographic keys. The API lives in javax.crypto and follows the familiar factory-method pattern with KDF.getInstance(). It supports HKDF-SHA256, HKDF-SHA384, and HKDF-SHA512 via the SunJCE provider. Developers can derive typed SecretKey objects or raw byte arrays using deriveKey() and deriveData() methods. The HKDFParameterSpec class models the three HKDF phases: Extract-only, Expand-only, and the combined Extract-then-Expand. Compared to the previous approach requiring manual MAC-based HKDF implementation, the new API is concise, type-safe, and provider-swappable without changing application code.
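
The three HKDFParameterSpec modes and both derivation methods described above, as an added example that is not code from the original article. It assumes JDK 25 with the SunJCE provider; the class name HkdfDemo and the "demo enc" / "demo mac" info labels are made up for illustration, and the inputs are the public RFC 5869 Appendix A.1 test vector.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.MessageDigest;
import java.util.HexFormat;
import javax.crypto.KDF;
import javax.crypto.SecretKey;
import javax.crypto.spec.HKDFParameterSpec;

public class HkdfDemo {
    public static void main(String[] args) throws Exception {
        HexFormat hex = HexFormat.of();
        // RFC 5869, Appendix A.1 test vector (public values, not a real secret).
        byte[] ikm  = hex.parseHex("0b".repeat(22));
        byte[] salt = hex.parseHex("000102030405060708090a0b0c");
        byte[] info = hex.parseHex("f0f1f2f3f4f5f6f7f8f9");
        byte[] expectedOkm = hex.parseHex(
              "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
            + "34007208d5b887185865");

        KDF hkdf = KDF.getInstance("HKDF-SHA256");

        // Combined Extract-then-Expand, returned as raw bytes via deriveData().
        byte[] okm = hkdf.deriveData(
            HKDFParameterSpec.ofExtract().addIKM(ikm).addSalt(salt).thenExpand(info, 42));

        // The same derivation split in two: Extract-only produces the PRK.
        // "Generic" is the standard name for a key not tied to one algorithm.
        SecretKey prk = hkdf.deriveKey("Generic",
            HKDFParameterSpec.ofExtract().addIKM(ikm).addSalt(salt).extractOnly());
        // Expand-only stretches that PRK to the requested length.
        byte[] okm2 = hkdf.deriveData(HKDFParameterSpec.expandOnly(prk, info, 42));

        if (!MessageDigest.isEqual(okm, expectedOkm) || !MessageDigest.isEqual(okm, okm2)) {
            throw new AssertionError("HKDF output does not match the RFC 5869 vector");
        }

        // Typed keys via deriveKey(): one PRK, a distinct info label per purpose,
        // so the encryption key and the MAC key are independent of each other.
        SecretKey encKey = hkdf.deriveKey("AES",
            HKDFParameterSpec.expandOnly(prk, "demo enc".getBytes(UTF_8), 32));
        SecretKey macKey = hkdf.deriveKey("HmacSHA256",
            HKDFParameterSpec.expandOnly(prk, "demo mac".getBytes(UTF_8), 32));
        if (MessageDigest.isEqual(encKey.getEncoded(), macKey.getEncoded())) {
            throw new AssertionError("info labels failed to separate the keys");
        }
        System.out.println("RFC 5869 vector matched; derived "
            + encKey.getAlgorithm() + " and " + macKey.getAlgorithm() + " keys");
    }
}
```

Run it with `java HkdfDemo.java`; swapping the provider or the hash means changing only the string passed to KDF.getInstance().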
